BScope.TrojanDownloader.Dridex information

Malware Removal

BScope.TrojanDownloader.Dridex is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the BScope.TrojanDownloader.Dridex virus do?

  • Executable code extraction
  • Enumerates user accounts on the system
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Uses Windows utilities for basic functionality
  • Exhibits behavior characteristic of Cerber ransomware
  • Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config
  • Mimics the file times of a Windows system file
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Attempts to identify installed AV products by installation directory
  • Attempts to modify proxy settings
  • Creates a copy of itself
  • Uses suspicious command line tools or Windows utilities

How to identify BScope.TrojanDownloader.Dridex?

File Info:

crc32: BCBBCC96
md5: bb9ea59dcd481ba17bca7ba9389041dd
name: BB9EA59DCD481BA17BCA7BA9389041DD.mlw
sha1: 8f92c34f1d340bc07a91954e553d6333238a553d
sha256: d00d9f83a9955861809470725c726b1eac6cbd0665dfa7868dfd5607c2745512
sha512: 5a87a15b893307ebb5bb1cc774f742f6156edea88cc14cceae51ce64a77d4a54397f62de456c7305deb61b239e6a3b6473dd18e162fedd1b7cb1cabb33d4b1ed
ssdeep: 3072:M+41ix/CWQdqCrIKA3AkaheJfYJMg5e9wpyzzPA6q/53GH+WaUEInnirTdu:MZ1ilZ1CrIpnJwag54zjA6053GSUEX
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright © Design Science, Inc. 1990-2013
InternalName: Design Science situp Utility
FileVersion: 2013.2.5.0
CompanyName: D esign Science, Inc.
LegalTrademarks: Design Science situp Utility is a trademark of Design Science, Inc.
ProductName: Design Science situp Utility
ProductVersion: 6.9 (13020500)
FileDescription: De sign Science situp Utility
OriginalFilename: situp.EXE
Translation: 0x0409 0x04e4

BScope.TrojanDownloader.Dridex also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 005224381 )
Elastic: malicious (high confidence)
DrWeb: Trojan.Encoder.4691
Cynet: Malicious (score: 100)
CAT-QuickHeal: Ransom.Cerber.G4
ALYac: Trojan.Ransom.Cerber.1
Malwarebytes: Malware.AI.861974050
Sangfor: Ransom.Win32.Cerber.A
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Ransom:Win32/Cerber.49c5d8bb
K7GW: Trojan ( 005224381 )
Cybereason: malicious.dcd481
Baidu: Win32.Trojan.Kryptik.amh
Cyren: W32/S-1413dc2c!Eldorado
Symantec: Packed.Generic.459
ESET-NOD32: a variant of Win32/Kryptik.CIKY
APEX: Malicious
Avast: Win32:Malware-gen
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Trojan.Ransom.Cerber.1
NANO-Antivirus: Trojan.Win32.Kryptik.evlski
MicroWorld-eScan: Trojan.Ransom.Cerber.1
Tencent: Malware.Win32.Gencirc.10b70fce
Ad-Aware: Trojan.Ransom.Cerber.1
Sophos: ML/PE-A + Mal/Cerber-AK
Comodo: TrojWare.Win32.Kryptik.ERJ@6l0vie
F-Secure: Trojan.TR/Crypt.XPACK.Gen2
BitDefenderTheta: Gen:NN.ZexaF.34628.sq0@aqtux!ni
VIPRE: Trojan.Win32.Generic.pak!cobra
TrendMicro: Ransom_HPCERBER.SM3
McAfee-GW-Edition: BehavesLike.Win32.Dropper.fm
FireEye: Generic.mg.bb9ea59dcd481ba1
Emsisoft: Trojan.Ransom.Cerber.1 (B)
SentinelOne: Static AI – Suspicious PE
Jiangmin: Trojan.Generic.cqjed
Avira: TR/Crypt.XPACK.Gen2
Microsoft: Ransom:Win32/Cerber.A
AegisLab: Trojan.Win32.Generic.4!c
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: Trojan.Ransom.Cerber.1
AhnLab-V3: Win-Trojan/Lukitus2.Exp
Acronis: suspicious
McAfee: Ransomware-GCQ!BB9EA59DCD48
MAX: malware (ai score=100)
VBA32: BScope.TrojanDownloader.Dridex
Panda: Trj/GdSda.A
TrendMicro-HouseCall: Ransom_HPCERBER.SM3
Rising: Ransom.Cerber!8.3058 (C64:YzY0Ot3VVbwIcg6u)
Yandex: Trojan.GenAsa!7HAOw0VKxLE
Ikarus: Trojan.Win32.Crypt
Fortinet: W32/GenKryptik.EQEC!tr
AVG: Win32:Malware-gen
Qihoo-360: Win32/Trojan.e6d

How to remove BScope.TrojanDownloader.Dridex?

BScope.TrojanDownloader.Dridex removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.